An IT Networking Informational Spot

Monthly Archives: March 2014


Friday, January 24, 2014 [Original Article]: In what can be termed the biggest breakthrough in the world of the internet, scientists in the UK have achieved the fastest-ever broadband speed of 1.4 terabits per second. This speed is enough to transfer 44 high-definition movies at once.

This test was conducted jointly in London by British Telecom and the French networking equipment company Alcatel-Lucent, where they achieved speeds of 1.4 terabits per second, or 1,83,501Mbps, on the existing fibre network in London. This breakthrough is of high importance for internet service providers, as it allows a greater amount of information to be sent through existing broadband infrastructure, without costly infrastructure upgrades.

Earlier tests of faster methods of transmitting data have been conducted using complex laser technology, but this is the first test conducted in real-world conditions, outside the testing labs. The test was conducted in October and November last year, on a line between BT Tower in central London and the company’s research campus near Ipswich.

Kevin Drury, optical marketing leader, Alcatel-Lucent, said that this development would reduce the space between lanes on a busy motorway, providing for more lanes of traffic to flow in the same area. In simple terms, this innovation would result in streaming of video via a large, wide lane while accessing standard web pages would need only a small part of the fibre’s capacity.

Security engineers from Google have found that 21 out of the top 25 news organizations have been targeted by cyberattacks that are likely state-sponsored. We’ve heard about some high profile attacks on news sites, but Google actively tracks the countries that are launching these attacks, and even hosts email services for many of the news organizations. ‘Huntley said Chinese hackers recently gained access to a major Western news organization, which he declined to identify, via a fake questionnaire emailed to staff. Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials. Marquis-Boire said that while such attacks were nothing new, their research showed that the number of attacks on media organizations and journalists that went unreported was significantly higher than those made public.’

Security analysts at SenseCy, who are monitoring the advancement of the new Zorenium Bot, discovered that it is also able to infect iOS devices.
Security analysts at SenseCy are monitoring the evolution of the Zorenium Bot, a new and unknown malware which has been advertised in the underground since January 2014.

This is the third article in two days on cybercriminal activities against the mobile industry, demonstrating the high interest of cybercrime in exploiting such powerful and widespread platforms.

Zorenium Bot seems to be an ongoing project. The authors provided new updates this month, and probably the most important improvement announced is the ability to infect Apple iOS devices. Apple iOS devices running versions 5 through 7 could be infected by the Zorenium Bot, exactly like Linux- and Windows-based machines.

The cost of the entry-level Zorenium bot is 350 GBP; the price grows to over 5000 GBP if the botnet includes advanced features like support for P2P communication to the C&C, or an i2p C&C.

The authors of Zorenium Bot have updated the rootkit to TDL4 (Alureon), a very common rootkit that has been around for several years and has been used in numerous large botnets. Recent versions of TDL4 have several advanced capabilities, including the ability to bypass some Windows code-signing requirements.

The security analysts consider the Zorenium Bot very insidious because it still goes undetected by most AV companies.

The Zorenium Bot is an extremely versatile malware. It could be used for surveillance thanks to its form-grabbing and remote monitoring features, for financial fraud thanks to its banking Trojan features, to run DDoS attacks, as a bot-killing agent, or to mine Bitcoin.

Zorenium has been advertised on Pastebin; the full release notes for the latest version of the Zorenium bot provided detailed information on the malware's functionality.

According to the developers, the Zorenium bot is still in beta mode; future releases could include more features that make the botnet more resilient.

Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling ‘Operation Windigo.’ Once infected, victimized systems are leveraged to steal credentials, redirect web traffic to malicious sites and send as many as 35 million spam messages a day. ‘Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,’ said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.

There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren’t zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present.

We demystify the Linux kernel by bringing forth some features that are common to all versions of the Linux OS.

Wednesday, September 25, 2013: The Linux kernel is a piece of code that is common to all versions of Linux. A proper understanding of the Linux kernel allows you to modify the operating system (OS) to incorporate support for the features you want. Every Linux kernel comes with these features:

Multiuser – You can not only have multiple user accounts on a Linux system, but can also have multiple users logged in and working on the system simultaneously. Also, the users can arrange their own environments the way they want. It is possible to have user accounts password-protected, so that users can monitor who gets access to their applications and data.

Multitasking – In Linux, it is possible to have several programs running at the same time, which means not only that you can run multiple programs together, but also that the Linux OS can itself have programs running in the background. The majority of these system processes make it feasible for Linux to work as a server, with numerous background processes responding to network requests to log in to your system, display an Internet page, print a document, or copy a file.

Graphical user interface (X Window System) – The robust framework for working with graphical applications in Linux is called the X Window System (or simply X). X manages the functions of opening X-based graphical user interface (GUI) applications and showing them on an X server process (the process that controls your screen, mouse, and keyboard).

Hardware support – It is possible to configure support for roughly every type of hardware that can be connected to a PC. You can get support for floppy disk drives, CD-ROMs, removable disks, sound cards, video cards, tape devices, and lots of other things you can think of.

Networking connectivity – Linux provides support for a range of local area network cards, modems, and serial devices to connect your Linux system to a network. In addition to LAN protocols such as Ethernet (both wired and wireless), all the most popular upper-level networking protocols can be integrated. The most popular of these protocols is TCP/IP, which is used for connecting to the Internet; other protocols, such as IPX and X.25, are also available.

Network servers – Linux provides best networking services to the client computers on the LAN and also to the entire Internet. It offers you a range of software packages to enable you to use Linux as a print server, file server, FTP server, mail server, Web server, news server, or workgroup (DHCP or NIS) server.

Application support – Due to its compatibility with POSIX and various other application programming interfaces (APIs), a large variety of freeware and shareware software is available for Linux. The majority of GNU software from the Free Software Foundation will run on Linux.

U.S. officials announced plans Friday to relinquish federal government control over the administration of the Internet, a move that pleased international critics but alarmed some business leaders and others who rely on the smooth functioning of the Web.

Pressure to let go of the final vestiges of U.S. authority over the system of Web addresses and domain names that organize the Internet has been building for more than a decade and was supercharged by the backlash last year to revelations about National Security Agency surveillance.

The change would end the long-running contract between the Commerce Department and the Internet Corporation for Assigned Names and Numbers (ICANN), a California-based nonprofit group. That contract is set to expire next year but could be extended if the transition plan is not complete.

“We look forward to ICANN convening stakeholders across the global Internet community to craft an appropriate transition plan,” Lawrence E. Strickling, assistant secretary of commerce for communications and information, said in a statement.

The announcement received a passionate response, with some groups quickly embracing the change and others blasting it.

In a statement, Senate Commerce Committee Chairman John D. Rockefeller IV (D-W.Va.) called the move “consistent with other efforts the U.S. and our allies are making to promote a free and open Internet, and to preserve and advance the current multi-stakeholder model of global Internet governance.”

But former House speaker Newt Gingrich (R-Ga.) tweeted: “What is the global internet community that Obama wants to turn the internet over to? This risks foreign dictatorships defining the internet.”

The practical consequences of the decision were harder to immediately discern, especially with the details of the transition not yet clear. Politically, the move could alleviate rising global concerns that the United States essentially controls the Web and takes advantage of its oversight position to help spy on the rest of the world.

U.S. officials set several conditions and an indeterminate timeline for the transition from federal government authority, saying a new oversight system must be developed and win the trust of crucial stakeholders around the world. An international meeting to discuss the future of the Internet is scheduled to start on March 23 in Singapore.

The move’s critics called the decision hasty and politically tinged, and voiced significant doubts about the fitness of ICANN to operate without U.S. oversight and beyond the bounds of U.S. law.

“This is a purely political bone that the U.S. is throwing,” said Garth Bruen, a security fellow at the Digital Citizens Alliance, a Washington-based advocacy group that combats online crime. “ICANN has made a lot of mistakes, and ICANN has not really been a good steward.”

Business groups and some others have long complained that ICANN’s decision-making was dominated by the interests of the industry that sells domain names and whose fees provide the vast majority of ICANN’s revenue. The U.S. government contract was a modest check against such abuses, critics said.

“It’s inconceivable that ICANN can be accountable to the whole world. That’s the equivalent of being accountable to no one,” said Steve DelBianco, executive director of NetChoice, a trade group representing major Internet commerce businesses.

U.S. officials said their decision had nothing to do with the NSA spying revelations and the worldwide controversy they sparked, saying there had been plans since ICANN’s creation in 1998 to eventually migrate it to international control.

“The timing is now right to start this transition both because ICANN as an organization has matured, and international support continues to grow for the multistakeholder model of Internet governance,” Strickling said in a statement.

Although ICANN is based in Southern California, governments worldwide have a say in the group’s decisions through an oversight body. ICANN in 2009 made an “Affirmation of Commitments” to the Commerce Department that covers several key issues.

Fadi Chehade, president of ICANN, disputed many of the complaints about the transition plan and promised an open, inclusive process to find a new international oversight structure for the group.

“Nothing will be done in any way to jeopardize the security and stability of the Internet,” he said.

The United States has long maintained authority over elements of the Internet, which grew from a Defense Department program that started in the 1960s. The relationship between the United States and ICANN has drawn wider international criticism in recent years, in part because big American companies such as Google, Facebook and Microsoft play such a central role in the Internet’s worldwide functioning. The NSA revelations exacerbated those concerns.